cleantalk
Vulnerabilities and Security Researches

WP Hotel Booking, 0256a4cb-5d29-44bb-bc69-45edd8484c9d

CVE, Research URL

0256a4cb-5d29-44bb-bc69-45edd8484c9d

Home page URL

Security reports for WP Hotel Booking

Application

WP Hotel Booking

Published on
-
Research Description
WP Hotel Booking [wp-hotel-booking] < 2.0.1 WP Hotel Booking &lt;= 1.10.5 - Unauthenticated Arbitrary Settings Update The plugin does not have authorisation and CSRF checsk in place when updating its settings, which could allow unauthenticated attackers to change them
Affected versions
max 2.0.1.
Status
vulnerable
Previous vulnerability researches
WP Hotel Booking (CVE-2026-9822) , Jun 21, 2026
WP Hotel Booking (CVE-2025-14075) , Jan 28, 2026
WP Hotel Booking (CVE-2025-8942) , Apr 27, 2026
WP Hotel Booking (CVE-2024-12370) , Jan 18, 2025
WP Hotel Booking (CVE-2024-7855) , Oct 03, 2024
New vulnerability
Simple File List (CVE-2026-11911) , Jun 21, 2026
Simple File List (CVE-2026-12119) , Jun 21, 2026
Simple File List (CVE-2026-11912) , Jun 21, 2026
WP Hotel Booking (CVE-2026-9822) , Jun 21, 2026
Branda – White Label WordPress, Custom Login Page Customizer (CVE-2026-11551) , Jun 21, 2026